//
// Source code recreated from a .class file by IntelliJ IDEA
// (powered by FernFlower decompiler)
//

package org.flowable.ui.modeler.security;

import org.flowable.common.engine.api.FlowableException;
import org.flowable.ui.common.model.RemoteUser;
import org.flowable.ui.common.service.idm.RemoteIdmService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.stereotype.Component;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;

@Component
public class RemoteIdmAuthenticationProvider implements AuthenticationProvider {
    @Autowired
    protected RemoteIdmService remoteIdmService;

    public RemoteIdmAuthenticationProvider() {
    }

    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        RemoteUser user = this.remoteIdmService.authenticateUser(authentication.getPrincipal().toString(), authentication.getCredentials().toString());
        if (user == null) {
            throw new FlowableException("user not found " + authentication.getPrincipal());
        } else {
            Collection<GrantedAuthority> grantedAuthorities = new ArrayList();
            Iterator var4 = user.getPrivileges().iterator();

            while(var4.hasNext()) {
                String privilege = (String)var4.next();
                grantedAuthorities.add(new SimpleGrantedAuthority(privilege));
            }

            Authentication auth = new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), grantedAuthorities);
            return auth;
        }
    }

    public boolean supports(Class<?> authentication) {
        return false;
    }
}
